
27 matches found

Tenable Nessus
added 2026/05/27 12:0 a.m. | 5 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : GitPython vulnerabilities (USN-8303-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8303-1 advisory. Santos Gallegos discovered that GitPython did not properly validate paths when...

CVSS 9.8 | AI score 6.1 | EPSS 0.0036
Exploits: 5 | References: 6

Vulnrichment
added 2026/05/26 4:56 p.m. | 8 views

CVE-2026-8856 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5 and 9.0 are vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

CVSS 7.7 | AI score 5.8 | EPSS 0.00041
Exploits: 0 | References: 1

CVE
added 2026/05/26 4:56 p.m. | 7 views

CVE-2026-8856

IBM HTTP Server 8.5 and 9.0 are affected by CVE-2026-8856, a denial-of-service condition triggered when an attacker with write access to parts of the server configuration can consume resources. The IBM Security Bulletin lists this CVE among multiple vulnerabilities in IBM HTTP Server (bundled wit...

CVSS 9.1 | AI score 5.8 | EPSS 0.00041
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2026/05/26 4:56 p.m. | 30 views

CVE-2026-8856 IBM HTTP Server is affected by multiple vulnerabilities

IBM HTTP Server 8.5 and 9.0 are vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration...

CVSS 7.7 | EPSS 0.00041
Exploits: 0 | References: 1

Vulnrichment
added 2026/05/15 4:30 p.m. | 2 views

CVE-2026-44774 Traefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure of the REST provider despite providers.rest.insecure=false

Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a tenant with HTTPRoute creation permissions to expose the REST provider handler, bypassing the providers.rest.insecure=false setting. The Gateway provider...

CVSS 6.4 | AI score 5.8 | EPSS 0.00016
Exploits: 1 | References: 4

CNNVD
added 2026/05/15 12:0 a.m. | 4 views

Traefik Access Control Error Vulnerability

Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions prior to Traefik 2.11.46, 3.6.17, and 3.7.1 contained an access control vulnerability. This vulnerability stemmed from the Kubernetes Gateway API provider, which allowed tenants with permission to create...

CVSS 9.9 | AI score 5.8 | EPSS 0.00016
Exploits: 1 | References: 1

CVE
added 2026/05/14 6:21 p.m. | 13 views

CVE-2026-45147

SiYuan before 3.7.0 is vulnerable: POST /api/tag/getTag is registered with model.CheckAuth only, omitting CheckAdminRole and CheckReadonly, allowing any authenticated user to pass a sort parameter that mutates Conf.Tag.Sort and triggers model.Conf.Save(), which rewrites the entire workspace conf....

CVSS 4.3 | AI score 5.8 | EPSS 0.00029
Exploits: 0 | References: 1

EUVD
added 2026/05/07 3:38 p.m. | 7 views

EUVD-2026-28367

The Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01, Android 8.0.0 exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration 74 endpoints and writing/modifying settings including volume, mute,...

AI score 5.9 | EPSS 0.00063
Exploits: 0 | References: 2

Cvelist
added 2026/05/07 12:0 a.m. | 24 views

CVE-2026-30496

The Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01, Android 8.0.0 exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration 74 endpoints and writing/modifying settings including volume, mute,...

EPSS 0.00063
Exploits: 0 | References: 1

EUVD
added 2026/04/21 3:18 p.m. | 3 views

EUVD-2026-23992

Glances has CQL Injection in its Cassandra Export Module via Unsanitized Config Values...

CVSS 6.3 | AI score 5.8 | EPSS 0.00013
Exploits: 1 | References: 4

ATTACKERKB
added 2026/03/31 11:17 a.m. | 3 views

CVE-2026-32976

OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing channel commands to mutate protected sibling-account configuration despite configWrites restrictions. Attackers with authorized access on one account can execute channel commands like /config set channels..accounts...

CVSS 7.1 | AI score 6 | EPSS 0.00036
Exploits: 0 | References: 3

NVD
added 2026/03/05 10:16 p.m. | 6 views

CVE-2026-28393

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings.transform.module parameter accepts absolute paths and traversal sequences, enabling attackers with configuration...

CVSS 9.8 | EPSS 0.00111
Exploits: 0 | References: 4

CVE
added 2026/03/05 9:59 p.m. | 7 views

CVE-2026-28393

OpenClaw 2.0.0-beta3 prior to 2026.2.14 contains a path traversal vulnerability in the hook transform module loading. The hooks.mappings[].transform.module parameter accepts absolute paths and traversal sequences, allowing attackers with configuration write access to load and execute malicious mo...

CVSS 9.8 | AI score 6.1 | EPSS 0.00111
Exploits: 0 | References: 4 | Affected Software: 1

ATTACKERKB
added 2026/03/05 9:59 p.m. | 1 views

CVE-2026-28393

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings.transform.module parameter accepts absolute paths and traversal sequences, enabling attackers with configuration...

CVSS 8.3 | AI score 6.1 | EPSS 0.00111
Exploits: 0 | References: 5

Snyk
added 2025/06/02 12:41 p.m. | 3 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the function saveConfigFile in the file HealthUtils.java, where a failed configuration file write triggers. An attacker can gain unauthorized access to system credentials by accessing...

CVSS 6.9 | AI score 6.7 | EPSS 0.00115
Exploits: 0 | References: 2

OSV
added 2025/05/30 8:1 p.m. | 0 views

GHSA-V75G-77VF-6JJQ Para Server Logs Sensitive Information

CWE ID: CWE-532 Insertion of Sensitive Information into Log File CVSS: 7.5 High Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Component: Para Server Initialization Logging Version: Para v1.50.6 File Path:...

CVSS 6.2 | AI score 5.9 | EPSS 0.00115
Exploits: 0 | References: 4

VulnCheck KEV
added 2023/04/24 12:0 a.m. | 0 views

VulnCheck KEV: CVE-2023-24055

KeePass through 2.53 in a default installation allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who...

CVSS 5.5 | AI score 6.2 | EPSS 0.41441
Exploits: 2 | References: 1

CNNVD
added 2023/02/17 12:0 a.m. | 3 views

HyperKit Code Issue Vulnerability

HyperKit is a Moby open source toolkit for embedding virtual machine monitor functionality in applications. A security vulnerability exists in HyperKit 0.20210107 and earlier versions, which stems from vipciwrite calls to vccfgwrite, which does not check for null, and when called causes the host ...

CVSS 6.2 | AI score 5.7 | EPSS 0.00062
Exploits: 0 | References: 4

VulnCheck KEV
added 2022/04/26 12:0 a.m. | 1 views

VulnCheck KEV: CVE-2021-4104

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in...

CVSS 7.5 | AI score 7 | EPSS 0.72202
Exploits: 9 | References: 1

OSV
added 2022/01/21 11:27 p.m. | 3 views

GHSA-W9P3-5CR8-M3JJ Deserialization of Untrusted Data in Log4j 1.x

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName...

CVSS 8.8 | AI score 7.6 | EPSS 0.00785
Exploits: 0 | References: 10